steve1368

Experienced Members
  • Posts: 80
Posts posted by steve1368

  1. You may have all those programs, but you might have downloaded something unintentionally while visiting an unsafe site or downloading an application that was bundled with a trojan keylogger. Be honest, have you downloaded ANYTHING at all within a few weeks of your account being hacked? Even visiting crack/serial sites, or even being accidentally redirected to random sites can get stuff automatically downloaded.

     

    I would also recommend you do a little research on your AV programs. I've heard of and know that Spywareblaster, Spybot, Ad-Aware, etc. are good "legit" programs, but I've never heard of the others before.

     

     

    I can safely say that I didn't visit crack/serial sites recently. I do download movie torrents (I love movies), and I only click on links from the sender I know of, if not it is a big NO NO for me. Now I'm gonna stop that too.

     

    Along with the Spyware programs above, get Windows Defender (formerly Microsoft Anti-Spyware.) It provides real time protection, and having them overlap each other is never a bad idea.

     

    AJ

     

     

    Guess I was away too long from here, I didn't know MSAS (Microsoft Anti-Spyware) is now known as Windows Defender. I have MSAS running at all times, wouldn't that cause any problems if both are running together?

     

    Anyway, just to inform everyone, I have scanned my system & came out with nothing, just wondering whether my comp security is compromised? Anything else I can do ?

  2. I thought my computer security is pretty good.

     

    I mean I have Kaspersky, Ewido, cwshredder, spywareblaster, MSAS, ad-aware, spybot, analog script defender, ccleaner, outpost pro, D-link hardware firewall. I always use firefox, use ccleaner after use and regularly scan & clean my comp.

     

    But guess what! I got hacked into my e-gold account, luckily only lost small change but I'm damn mad because someone got thru all my security measures I have taken.

     

    The only thing I can think of is this trojan I read about "Win32.Grams", those who wanna read more, here is the link. http://www.lurhq.com/grams.html

     

    Now , I'm totally lost, you can never be too careful. Did some research, some suggested using VMware virtual desktop http://www.vmware.com/ and another suggested Faronics Deep-Freeze http://www.faronics.com/html/deepfreeze.asp

     

    I really hope someone can shed some light in this matter. I don't feel safe anymore, altho I've changed my passwords.

     

    Help me out guys before I go bonkers.

  3. You're now the third one I know who has converted. :)

     

     

    You're kidding, aren't you? I'm one of the guys who got interested in OP, and you guided me.

    Are you telling me I'm just one of the 3 persons who converted to OP? I'm truly surprised.

     

    I find OP a great software fw. In my experience it is much better than ZA (which I've used). I initially had some hiccups with OP, then I found out that it was due to software conflict with my anti virus (I was using Avast, at that time). Altho Avast was good but I liked OP, so switched my av to Kaspersky, which my nephew passed to me.......it has been a smooth sail ever since.

     

    I'm no expert in firewalls, but with my Kaspersky, Ewido, CWshredder, MSAS, Spyware Blaster, AdAware SE, Spybot, CCleaner and D-Link router and several more progs, I think I'm pretty much protected.

     

    All this I learned from here. Thanks to Tarun, DJLizard, Lee16 , Twisted, Andavari and many more "senior" guys over here.

     

    I don't come here so often nowadays, but I try to pop in once in a while.

     

    Hope many more will test out OP

     

    Cheers

  4. It's been a long time since I posted here :)

     

    I just saw this suggestion in another forum - to protect your pc from keyloggers

     

    One of the suggestions was to use this software http://www.snoopfree.com/

     

    I didn't download it , since I believe I have enuf softwares to protect my pc,

    nevertheless I like to know if this is any better.

     

    Cheers !

  5. 33 year old lady and learning in the world of computers with help from you guys ;)

     

     

     

     

    You mean you're 33 years "young" lady :)

     

    None of us are old over here. We are all young bunch of ppl ( I hope nobody disputes that :lol: )

     

    Welcome to CCleaner Forum, incy wincy.

  6. but i thought that the free edition and commercial version share the same definition...? except the update sites is not high-speed...

     

     

     

     

    I was referring to commercial products like Nod32.

     

    I'm using Avast Home Edition, it's free as you know.

    Just wanted to share with everyone that with a freeware anti virus and a good layering , you would be well protected ( not 100 % , but very well protected )

     

    So, in summary, altho products like Nod32 have good ratings, you can still make do almost equally well with a decent freeware anti virus with proper layering.....sounds familiar, doesn't it? Yes it is, it's been told many times I guess, just that I found a link showing me figures in comparison with freeware and commercial product. That's all.

     

    Having said that, one person's test doesn't mean a lot, but it gives me a good idea of the margin of difference between both.

     

    Cheers

  7. He's talking about layering to detect more malware

     

     

     

     

    Yep! What I thought was interesting was the % of security achieved with freeware softwares in comparison with commercial products AND choice of freeware product used in his findings.

     

    I'm sure a lot of us are following the above method. In my case, I don't know where I actually stand in terms of security compared to commercial products.....now I know :D

  8. I found something interesting just now, regarding security measures. Title as follows:-

     

    "How Good are Free Security Programs? A multi-part series that examines the effectiveness of free security software."

     

    Some may have read it , some may have not, anyway those interested, check it out!

     

    http://www.techsupportalert.com/free-vs-paid-av.htm

     

    From the same writer of "The 46 Best Ever Freeware Utilities" .

     

    Cheers

  9. How'd it get full?  What kinds of files do you keep on it?  Are there large games you can uninstall? Mp3s you can archive to CD?
    Well here is the breakdown

     

    C: Total size 19.1 , free space 12.3 GB

    D: Total size 19.1, free space 4.07

     

    C is compressed. Besides the normal stuff, I have mp3 that is about 700 MB. I think this is OK. My concern is whether to uncompress C: . I compressed C: long time ago, when free space went as low as 2 GB.

     

    D: is low becos I have a lot of movies down there. ;) , but this is not compressed, so this is not my current concern

    Re XP's disk compression: If your computer is fast enough and has enough memory, you won't notice much of a performance hit [decompression is done in memory, and is lightning-fast, but takes up to 2x to 4x the amount of memory as a normal file].

     

     

     

     

    System : Intel® Pentium® 4 CPU 2.40Ghz , 768 Mb of RAM. Windows XP Pro Version 2002, SP2

     

    So based on above system info, can you please explain what you mean in your second para. Thanks

     

    Cheers

  10. When my hd was running short of space, I compressed my C:

    Now I have more space available, but continue to keep C: as compressed.

     

    I was told that it is not very good to keep C: compressed, as it has to work harder when opening a file, i.e. originally compressed, uncompress to open, compress again after use.

     

    So, is it true that it is bad for the pc?

     

    Cheers

  11. I dunno.  I don't even use firewalls (except the built-in Windows firewall).  I don't have anti-virus, anti-spyware, a software firewall, nor hardware firewalling (I'm DMZ on my router).

     

    I do use Peerguardian, which is a sort of protection, but protection isn't even what I use it for :)

     

     

     

     

    Ha ha, you go "Commando" as you mentioned somewhere before.

     

    Well, I'll just remove the fw and check it out. ;)

  12. Sounds good.  So when you said it was shutting off within seconds, you didn't really mean within seconds..?  That it was trying to go into Windows and would blow up before it got there (but allowed safe mode) ?  Just wanted to make sure I understand.

     

     

    Actually, the shut off time varied, some was very immediate, but all of it never made it into windows. I should have narrated better for clearer understanding, guess I didn't.
    So then you *do* have a software problem?  It'd be a good idea to read/run-through Tarun's anti-malware guide if you haven't yet. (cue Tarun to paste his usual spiel)  The boxes entry may not be malware.  Or it may be an entry that really no longer exists, or an entry with an undisplayable name (like UNICODE).  Well, try Autoruns [ http://www.sysinternals.com/Utilities/Autoruns.html ] and remove any entries in the Logon tab that say 'file not found' near them.

     

    Cheers.

     

     

     

    I have applied Tarun's Anti Malware and his guide to keep my pc clean and I run them at least every 2 days, if not everyday. I'll try Autoruns at my pc later(my whole neighbourhood has a power failure & I'm writing from a pc in my sister's home). Will post updates later.

     

    Thank you very much. :)

     

    DJLizard ,

     

    Told ya so

     

     

     

    I guess you are new here and trying to help and you don't mean to be unfriendly. Sometimes, it will be good if you don't try to prove that you are right & others to be wrong......well just a thought, thanks for your help anyway. ;)

  13. Since I live in a different time zone, I didn't get any replies from anyone yesterday morning ( my time ).

     

    So, I managed to get a tech to check my pc, last night. After checking, he knows, what I meant shutting off in seconds after switching on.

     

    So, he went to safe mode, but the computer didn't shut off and still working. He did some other checking with my computer, which I don't know ( yesterday night I had some unexpected visitors, so I had to juggle my time with the tech & the visitors ).

     

    But I know he went to "msconfig" (if I'm not wrong of the spelling) & saw something alien, that is some small "boxes" character. After removing the boxes the computer can work as usual. But the "boxes" came back again when he checked msconfig. His suspicion & he repeated that it is only a guess, that it could be a worm. He needs more thorough checking he said. The mobo looks OK by visual inspection. He doesn't suspect power supply anymore.

     

    After he left, I restarted the computer, boom...same thing happened again. But I restarted again the comp and it worked well without shutting off. So I quickly burned some important documents. At that time, I noted my software firewall was disabled and my comp is still working without shutting off by itself. I did a scan with ewido, nothing found. So I went to bed.

     

    This morning, I switched on the comp, still working properly, no shutting off in seconds. Again I noted my fw was disabled.

     

    Tonite, I'm going to remove the software fw and monitor the comp for anything else. Meanwhile, I'm going to learn from my nephew about reinstalling computers.

     

    If nothing happens, then it is OK, but if the damn thing happens again, I'm going to reinstall my comp.

     

    BTW, DickUpinya, take it easy. The guys over here are good fellas. Read as many posts as you can, you'll understand what I mean. To me, when I'm in s**t, these guys help me out a lot. So I'm sticking here.

     

    Cheers. :)

     

    EDIT - Additional info :

     

    The fans are working.

    I've got 3x256 MB Kingston RAM. Out of which 2x256 MB RAM was installed 3 weeks ago. No problem on RAM so far. No beeps , no other sounds, no error message.

  14. Last night my cpu just "shut off" by itself ( not proper shut down ). There was no power on the cpu.

     

    I checked and made sure all wires are intact. I didn't have any clue. Restarted the computer again. After about 30 minutes, same thing happened. That's it...... I went off & slept.

     

    This morning, it went off in seconds after switch on. This happened 3 times when I tried.

    The monitor is working fine. I changed the cables & tested in those times and even connected directly without using the ups...same result, on & switches off in seconds.

    I don't want to repeat further, fearing repeated on & off might damage something.

     

    I suspect some hardware problem. Anyone has any idea what's the problem & how to troubleshoot this one?

     

    Please advise in layman terms.

     

    Thanks

  15. Looks completely clean.  If it was me however, I'd remove the O16's and the two entries:

     

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

     

     

     

     

     

    Removed it as per your suggestion.

     

    Thanks ;)

  16. Since I've been hit by bagle & backdoor recently, decided to post my HJT log for analysis.

     

    Thanks in advance.

     

    Logfile of HijackThis v1.99.1

    Scan saved at 22:44:27, on 01/07/2005

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\SOUNDMAN.EXE

    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    C:\Program Files\Alwil Software\Avast4\ashServ.exe

    C:\Program Files\ewido\security suite\ewidoctrl.exe

    C:\WINDOWS\System32\nvsvc32.exe

    C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

    C:\WINDOWS\system32\slserv.exe

    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    C:\WINDOWS\system32\taskmgr.exe

    C:\Program Files\Ares Lite Edition\Ares.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe

    C:\unzipped\HijackThis\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

    O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice

    O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll

    O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB

    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...468/mcfscan.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{4F2A6F5F-8BAF-4972-ABC6-DA099E47B685}: NameServer = 202.188.0.133 202.188.1.5

    O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe

    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

  17. It couldn't hurt to post a HJT log. Try this: refind the infected files then right click on them and choose to scan them with Avast, see if it detects them as malware.

     

     

     

     

    Did that with avast & ewido.....nothing

     

    I'll post my new hijack this log in a new topic.

    Hopefully nothing nasty.

     

    Thanks

  18. Since you know where the infected files are, look for them manually, maybe they were deleted by the malware scanners you ran. Do you have an AV with an active scanner, maybe that deleted it.

     

     

     

    Suppose if it's at all sophisticated enough to know it's being scanned it may "deactivate or hide" itself. Or your antivirus/antimalware may have already taken care of it since trojans, worms, etc., are usually automatically deleted since they aren't necessary executables.

     

     

     

    Did a manual check, both files still there.

    I have avast home resident scanner, msas & outpost pro running all the time.

     

    Is there any way to check further to be really sure, or should I just post here my current HJT log for analysis?
